From adaaa225e8c4b89f6114ae2a6231ed5b005d9202 Mon Sep 17 00:00:00 2001 From: Konstantine Date: Sat, 30 Oct 2021 16:45:58 +0300 Subject: [PATCH 01/11] added Alternative Domain section to dns page in docs --- website/content/docs/discovery/dns.mdx | 27 ++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index a13cd4c22f..6eda8a3dc2 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -96,6 +96,33 @@ pairs according to [RFC1464](https://www.ietf.org/rfc/rfc1464.txt). Alternatively, the TXT record will only include the node's metadata value when the node's metadata key starts with `rfc1035-`. +## Alternative Domain + +Consul support setting an alternative domain, which is usefull during DNS migrations or if you want to response +internal and external queries with different domains. + +If you are using [`alt_domain`](/docs/agent/options#alt_domain) parameter, Consul will respond based on the presence of it in your queries. +For exmaple if `test-domain` is configured as an alternative domain the following query: + +```shell-session +$ dig @127.0.0.1 -p 8600 consul.service.test-domain SRV +``` +will return: + +``` +;; QUESTION SECTION: +;consul.service.test-domain. IN SRV + +;; ANSWER SECTION: +consul.service.test-domain. 0 IN SRV 1 1 8300 machine.node.dc1.test-domain. + +;; ADDITIONAL SECTION: +machine.node.dc1.test-domain. 0 IN A 127.0.0.1 +machine.node.dc1.test-domain. 0 IN TXT "consul-network-segment=" +``` + +-> **Note:** Response to `.in-addr.arpa.` will always be returned with your default domain, as there is no way to identify queried domain. + ## Service Lookups A service lookup is used to query for service providers. Service queries support From f02be1e2c3dcbf409afae87b44bb6764963a61c0 Mon Sep 17 00:00:00 2001 From: Konstantine Date: Tue, 16 Nov 2021 21:55:15 +0200 Subject: [PATCH 02/11] Update website/content/docs/discovery/dns.mdx Co-authored-by: Evan Culver --- website/content/docs/discovery/dns.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index 6eda8a3dc2..f10c2ca6b7 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -98,7 +98,7 @@ node's metadata key starts with `rfc1035-`. ## Alternative Domain -Consul support setting an alternative domain, which is usefull during DNS migrations or if you want to response +Consul support setting an alternative domain, which is usefull during DNS migrations or if you want to respond to internal and external queries with different domains. If you are using [`alt_domain`](/docs/agent/options#alt_domain) parameter, Consul will respond based on the presence of it in your queries. From 90e2828601720acb5549d2cdd6c6ccd0b3079db7 Mon Sep 17 00:00:00 2001 From: Konstantine Date: Mon, 22 Nov 2021 01:07:22 +0200 Subject: [PATCH 03/11] Update website/content/docs/discovery/dns.mdx Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> --- website/content/docs/discovery/dns.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index f10c2ca6b7..17f398b5d1 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -102,7 +102,7 @@ Consul support setting an alternative domain, which is usefull during DNS migrat internal and external queries with different domains. If you are using [`alt_domain`](/docs/agent/options#alt_domain) parameter, Consul will respond based on the presence of it in your queries. -For exmaple if `test-domain` is configured as an alternative domain the following query: +For example, if `test-domain` is configured as the alternative domain, the following query: ```shell-session $ dig @127.0.0.1 -p 8600 consul.service.test-domain SRV From eb21aab1b537407001de5572a063001ba5681a45 Mon Sep 17 00:00:00 2001 From: Konstantine Date: Mon, 22 Nov 2021 01:09:39 +0200 Subject: [PATCH 04/11] Update website/content/docs/discovery/dns.mdx Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> --- website/content/docs/discovery/dns.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index 17f398b5d1..a8ed0e341f 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -121,7 +121,9 @@ machine.node.dc1.test-domain. 0 IN A 127.0.0.1 machine.node.dc1.test-domain. 0 IN TXT "consul-network-segment=" ``` --> **Note:** Response to `.in-addr.arpa.` will always be returned with your default domain, as there is no way to identify queried domain. +-> **Note:** Responses to PTR queries (`.in-addr.arpa.`) will always use the +[primary domain](/docs/agent/options#domain) (not the alternative domain), +as there is no way for the query to specify a domain. ## Service Lookups From 2900f3861a1493222967f412b7a61a22a718a949 Mon Sep 17 00:00:00 2001 From: Konstantine Date: Mon, 22 Nov 2021 01:14:19 +0200 Subject: [PATCH 05/11] Update website/content/docs/discovery/dns.mdx Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> --- website/content/docs/discovery/dns.mdx | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index a8ed0e341f..e7baaa09a4 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -98,10 +98,16 @@ node's metadata key starts with `rfc1035-`. ## Alternative Domain -Consul support setting an alternative domain, which is usefull during DNS migrations or if you want to respond to -internal and external queries with different domains. +By default, Consul responds to DNS queries only for its configured +[`domain`](/docs/agent/options#domain). -If you are using [`alt_domain`](/docs/agent/options#alt_domain) parameter, Consul will respond based on the presence of it in your queries. +Some use cases require responding to queries for more than one domain, +such as during a DNS migration or to distinguish between internal and +external queries by using different domains. + +Consul can configured to respond to DNS queries on an alternative domain +through the [`alt_domain`](/docs/agent/options#alt_domain) agent configuration +option. Consul's DNS response will use the same domain as was used in the query. For example, if `test-domain` is configured as the alternative domain, the following query: ```shell-session From b114124d2b2064a841d987d15118c43ea1a6351c Mon Sep 17 00:00:00 2001 From: Konstantine Date: Mon, 22 Nov 2021 01:17:33 +0200 Subject: [PATCH 06/11] added missing 'be' --- website/content/docs/discovery/dns.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index e7baaa09a4..0b00c0aa2d 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -105,7 +105,7 @@ Some use cases require responding to queries for more than one domain, such as during a DNS migration or to distinguish between internal and external queries by using different domains. -Consul can configured to respond to DNS queries on an alternative domain +Consul can be configured to respond to DNS queries on an alternative domain through the [`alt_domain`](/docs/agent/options#alt_domain) agent configuration option. Consul's DNS response will use the same domain as was used in the query. For example, if `test-domain` is configured as the alternative domain, the following query: From 67c81de2af43630cb138bb6e2ad73687ee006706 Mon Sep 17 00:00:00 2001 From: Konstantine Date: Thu, 2 Dec 2021 22:38:57 +0200 Subject: [PATCH 07/11] Update website/content/docs/discovery/dns.mdx Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> --- website/content/docs/discovery/dns.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index 0b00c0aa2d..a3db818f4f 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -105,7 +105,7 @@ Some use cases require responding to queries for more than one domain, such as during a DNS migration or to distinguish between internal and external queries by using different domains. -Consul can be configured to respond to DNS queries on an alternative domain +Consul versions 1.5.2+ can be configured to respond to DNS queries on an alternative domain through the [`alt_domain`](/docs/agent/options#alt_domain) agent configuration option. Consul's DNS response will use the same domain as was used in the query. For example, if `test-domain` is configured as the alternative domain, the following query: From a2205318ff493beb445a45b40e7748da2b0e0fa6 Mon Sep 17 00:00:00 2001 From: Konstantine Date: Thu, 2 Dec 2021 22:39:02 +0200 Subject: [PATCH 08/11] Update website/content/docs/discovery/dns.mdx Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> --- website/content/docs/discovery/dns.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index a3db818f4f..d26e95c86a 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -107,7 +107,9 @@ external queries by using different domains. Consul versions 1.5.2+ can be configured to respond to DNS queries on an alternative domain through the [`alt_domain`](/docs/agent/options#alt_domain) agent configuration -option. Consul's DNS response will use the same domain as was used in the query. +option. As of Consul versions 1.11.0+, Consul's DNS response will use the same domain as was used in the query; +in prior versions, the response may use the primary [`domain`](/docs/agent/options#domain) no matter which +domain was used in the query. For example, if `test-domain` is configured as the alternative domain, the following query: ```shell-session From 664211d5082d77ff44f20fada6eaa34894908f5e Mon Sep 17 00:00:00 2001 From: Konstantine Date: Thu, 2 Dec 2021 22:39:14 +0200 Subject: [PATCH 09/11] Update website/content/docs/discovery/dns.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- website/content/docs/discovery/dns.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index d26e95c86a..a38ecdfced 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -129,7 +129,7 @@ machine.node.dc1.test-domain. 0 IN A 127.0.0.1 machine.node.dc1.test-domain. 0 IN TXT "consul-network-segment=" ``` --> **Note:** Responses to PTR queries (`.in-addr.arpa.`) will always use the +-> **PTR queries:** Responses to PTR queries (`.in-addr.arpa.`) will always use the [primary domain](/docs/agent/options#domain) (not the alternative domain), as there is no way for the query to specify a domain. From 0a3c012691b5531f94825254cdf4b857aa4af8da Mon Sep 17 00:00:00 2001 From: Konstantine Date: Thu, 2 Dec 2021 22:39:21 +0200 Subject: [PATCH 10/11] Update website/content/docs/discovery/dns.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- website/content/docs/discovery/dns.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index a38ecdfced..d027ff45d0 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -115,7 +115,7 @@ For example, if `test-domain` is configured as the alternative domain, the follo ```shell-session $ dig @127.0.0.1 -p 8600 consul.service.test-domain SRV ``` -will return: +The following responses are returned: ``` ;; QUESTION SECTION: From 34df6ced937c373d95731712b2b19292a3359417 Mon Sep 17 00:00:00 2001 From: Konstantine Date: Fri, 3 Dec 2021 00:54:39 +0200 Subject: [PATCH 11/11] added hcl --- website/content/docs/discovery/dns.mdx | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index d027ff45d0..87c9145c1a 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -98,19 +98,23 @@ node's metadata key starts with `rfc1035-`. ## Alternative Domain -By default, Consul responds to DNS queries only for its configured -[`domain`](/docs/agent/options#domain). +By default, Consul responds to DNS queries in the `consul` domain, +but you can set a specific domain for responding to DNS queries by configuring the [`domain`](/docs/agent/options#domain) parameter. -Some use cases require responding to queries for more than one domain, -such as during a DNS migration or to distinguish between internal and -external queries by using different domains. +In some instances, Consul may need to respond to queries in more than one domain, +such as during a DNS migration or to distinguish between internal and external queries. Consul versions 1.5.2+ can be configured to respond to DNS queries on an alternative domain through the [`alt_domain`](/docs/agent/options#alt_domain) agent configuration option. As of Consul versions 1.11.0+, Consul's DNS response will use the same domain as was used in the query; in prior versions, the response may use the primary [`domain`](/docs/agent/options#domain) no matter which domain was used in the query. -For example, if `test-domain` is configured as the alternative domain, the following query: + +In the following example, the `alt_domain` parameter is set to `test-domain`: + +```hcl + alt_domain = "test-domain" +``` ```shell-session $ dig @127.0.0.1 -p 8600 consul.service.test-domain SRV